Efficient Client Puzzles based on Repeated-Squaring

In this paper, we propose a new, nonparallelizable verification-efficient client puzzle. Our puzzle is based on repeated-squaring and enables efficient verification of the puzzle solution that is reported by the client (prover). Client puzzles based on repeated-squaring were first proposed by Rivest et al. in [1] and constitute one of the first examples of nonparallelizable puzzles. The main drawback of these puzzles was their high verification overhead. In this work, we show how this overhead can be significantly reduced by transferring the puzzle verification burden to the prover that executes the puzzle. Given a 1024-bit modulus, the improvement gain in the verification overhead of our puzzle when compared to the original repeated-squaring puzzle is almost 50 times. We achieve this by embedding a secret – only known to the verifier – within the Euler trapdoor function that is used in repeated-squaring puzzles. We provide a security proof for this construction. We further show how our puzzle can be integrated in a number of protocols, including those used for efficient protection against DoS attacks and for the remote verification of the computing performance of devices. We validate the performance of our puzzle on a large number of PlanetLab nodes.
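As an added illustration (not code from the paper), the sketch below implements the original repeated-squaring puzzle of Rivest et al. that the abstract takes as its baseline: the prover performs t sequential squarings, while the verifier uses the Euler trapdoor φ(N) to check the answer with one modular exponentiation. It does not implement the paper's new construction, which this page does not detail; the toy primes, function names and dictionary layout are assumptions.

```python
import math
import secrets

# Constructed toy modulus from two Mersenne primes. Far too small for real
# use; the abstract discusses a 1024-bit modulus.
P = 2**31 - 1
Q = 2**61 - 1


def make_puzzle(p, q, t):
    """Verifier side: publish (n, x, t) and keep phi(n) as the trapdoor."""
    n = p * q
    phi = (p - 1) * (q - 1)
    while True:
        x = secrets.randbelow(n - 3) + 2      # x in [2, n-2]
        if math.gcd(x, n) == 1:               # Euler's theorem needs gcd(x, n) = 1
            break
    return {"n": n, "x": x, "t": t}, phi


def solve(puzzle):
    """Prover side: y = x^(2^t) mod n by t squarings.

    Each squaring needs the previous result, so extra cores do not help;
    this is what makes the puzzle nonparallelizable.
    """
    y = puzzle["x"] % puzzle["n"]
    for _ in range(puzzle["t"]):
        y = y * y % puzzle["n"]
    return y


def verify(puzzle, phi, y):
    """Verifier side: reduce the exponent with the trapdoor, then exponentiate.

    Since x^phi(n) = 1 (mod n), x^(2^t) = x^(2^t mod phi(n)) (mod n).
    The cost is one exponentiation with an exponent about as long as n,
    independent of t. That exponentiation is the verification overhead
    the abstract refers to.
    """
    e = pow(2, puzzle["t"], phi)
    return pow(puzzle["x"], e, puzzle["n"]) == y % puzzle["n"]


if __name__ == "__main__":
    puzzle, trapdoor = make_puzzle(P, Q, t=20000)
    answer = solve(puzzle)
    print("accepted:", verify(puzzle, trapdoor, answer))
```
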

[1] C. P. Schnorr, et al. Efficient Identification and Signatures for Smart Cards (Abstract), 1989, EUROCRYPT.

[2] David Thomas, et al. The Art in Computer Programming, 2001.

[3] Markus Jakobsson, et al. Secure Server-Aided Signature Generation, 2001, Public Key Cryptography.

[4] Sean W. Smith, et al. Combating Spam and Denial-of-Service Attacks with Trusted Puzzle Solvers, 2008, ISPEC.

[5] Fabian Monrose, et al. Efficient Memory Bound Puzzles Using Pattern Databases, 2006, ACNS.

[6] Yehuda Lindell, et al. Introduction to Modern Cryptography, 2004.

[7] Wenliang Du, et al. Uncheatable grid computing, 2004, 24th International Conference on Distributed Computing Systems, 2004. Proceedings.

[8] Silvio Micali, et al. The knowledge complexity of interactive proof-systems, 1985, STOC '85.

[9] Colin Boyd, et al. Toward Non-parallelizable Client Puzzles, 2007, CANS.

[10] Neal Koblitz, et al. A course in number theory, 1987.

[11] Michael K. Reiter, et al. A multi-layer framework for puzzle-based denial-of-service defense, 2008, International Journal of Information Security.

[12] Saumya K. Debray, et al. Obfuscation of executable code to improve resistance to static disassembly, 2003, CCS '03.

[13] Adam Stubblefield, et al. Using Client Puzzles to Protect TLS, 2001, USENIX Security Symposium.

[14] Eugene H. Spafford, et al. Secure outsourcing of scientific computations, 2001, Adv. Comput.

[15] John R. Rice. Measuring the Performance of Parallel Computations, 1996, ICPP Workshop.

[16] Ari Juels, et al. $evwu Dfw, 1998.

[17] Brent Waters, et al. New client puzzle outsourcing techniques for DoS resistance, 2004, CCS '04.

[18] T. Kohno, et al. Remote physical device fingerprinting, 2005, 2005 IEEE Symposium on Security and Privacy (S&P'05).

[19] Ronald L. Rivest, et al. Time-lock Puzzles and Timed-release Crypto, 1996.

[20] Christopher Krügel, et al. Static Disassembly of Obfuscated Binaries, 2004, USENIX Security Symposium.

[21] C. Y. Hsiung, et al. Elementary theory of numbers, 1992.

[22] Ruth E. Shaw, et al. Parallel Gaussian elimination using OpenMP and MPI, 2002, Proceedings 16th Annual International Symposium on High Performance Computing Systems and Applications.

[23] H. E. Rose. A course in number theory, 1988.

[24] Richard J. Lipton, et al. Towards uncheatable benchmarks, 1993, [1993] Proceedings of the Eigth Annual Structure in Complexity Theory Conference.

[25] Michael K. Reiter, et al. Defending against denial-of-service attacks with puzzle auctions, 2003, 2003 Symposium on Security and Privacy, 2003.

[26] Minghe Huang, et al. Some New Parallel Fast Fourier Transform Algorithms, 2005, Sixth International Conference on Parallel and Distributed Computing Applications and Technologies (PDCAT'05).

[27] Ted Wobber, et al. Moderately hard, memory-bound functions, 2005, TOIT.

[28] Yi Gao, et al. Efficient trapdoor-based client puzzle system against DoS attacks, 2005.

[29] Keqin Li. Scalable Parallel Matrix Multiplication on Distributed Memory Parallel Computers, 2001, J. Parallel Distributed Comput.

[30] Brian A. Wichmann, et al. A Synthetic Benchmark, 1976, Comput. J.

[31] J. S. Gage. The great Internet Mersenne prime search, 1998, M.D. computing: computers in medical practice.

[32] Jin-Yi Cai, et al. Design of Uncheatable Benchmarks Using Complexity Theory, 1997.

[33] Anna Lysyanskaya, et al. How to Securely Outsource Cryptographic Computations, 2005, TCC.

[34] Keqin Li, et al. Scalable parallel matrix multiplication on distributed memory parallel computers, 2000, Proceedings 14th International Parallel and Distributed Processing Symposium. IPDPS 2000.

[35] Tolga Acar, et al. Analyzing and comparing Montgomery multiplication algorithms, 1996, IEEE Micro.

[36] G. Edward Suh, et al. Speeding up Exponentiation using an Untrusted Computational Resource, 2006, Des. Codes Cryptogr.

[37] Manuel Blum, et al. A Simple Unpredictable Pseudo-Random Number Generator, 1986, SIAM J. Comput.